This document describes:
- Building a custom Caddy container image with the GeoIP plugin (so Caddy can enrich access logs with country code/name).
- Configuring Caddy JSON access logs to include GeoIP fields.
- Setting up Fail2Ban to parse Caddy logs and send Pushover notifications with GeoIP info via mmdblookup.
- Optional "SOC dashboard" style fields (severity, jail type, ban time, until).
Set up Sophos Firewall as a DHCP relay to forward client requests to a central DHCP server via a route-based IPsec VPN.
Ubuntu Anycast DNS Server with BGP announcement to pfSense
How to upgrade Tailscale on GL-iNet AXT-1800
## Set default policies
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP
## Allow traffic to and from the loopback interface
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
## Allow outbound connections
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
## Allow others to ping this machine
iptables -A INPUT -p icmp --icmp-type 8 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
## Rate-limit incoming SSH connections
iptables -A INPUT -p tcp --dport ssh -m state --state NEW -m recent --update --seconds 60 --hitcount 4 -j DROP
iptables -A INPUT -p tcp --dport ssh -m state --state NEW -m recent --set
iptables -A INPUT -p tcp --dport ssh -m state --state NEW -j ACCEPT
## Save rules on Debian/Ubuntu
apt install iptables-persistent
netfilter-persistent save
## Save rules on RHEL
chkconfig iptables on
service iptables save
I recently needed to create a new site-to-site VPN, but there were a few challenges to this. First of all, the router of the new site is behind NAT and it would be moved to other physical locations every now and then. I needed something that works both behind NAT and initiates the connection; that’s when I started to think about WireGuard. I have used WireGuard in the past, so it wasn’t exactly new to me.
Run a speedtest using CLI
IPv6 on VyOS with Danish ISP Hiper
Run cloudflared as a container in VyOS
From the console of Sophos XG.